UK Bans Common Passwords in World-First Cybersecurity Laws
The UK has taken a groundbreaking step in protecting against cyber attacks by banning common and easily guessed passwords such as “admin” or “12345”. This move, part of a world-first legislation, aims to safeguard individuals and businesses from malicious cyber threats.
Under the new laws, not only will default passwords be banned, but any user who suggests a common password will be prompted to change it upon creating a new account. This is in response to the alarming number of hacking attempts on households with smart devices, which can reach over 12,000 in a single week, with 2,684 of those attempts aimed at guessing weak passwords on five devices, according to an investigation by Which?
The most commonly used passwords in the UK last year, as revealed by password managing website NordPass, were “123456” and surprisingly, “password”. These easily guessed passwords pose a significant security risk, making it imperative for the UK to take action.
These new measures, which go into effect on Monday, make the UK the first country in the world to implement such laws. They fall under the Product Security and Telecommunications Infrastructure (PSTI) regime, which aims to enhance the country’s resilience against cyber attacks and prevent malicious interference from impacting the UK and global economy.
Under the law, manufacturers of all internet-connected devices – including mobile phones, smart doorbells, and high-tech fridges – will be required to adhere to minimum security standards. They will also be mandated to publish contact details for reporting and resolving bugs and issues, as well as informing consumers of the expected timeframe for receiving important security updates.
Viscount Camrose, the science and technology minister, stated, “As everyday life becomes increasingly dependent on connected devices, the threats generated by the internet multiply and become even greater. From today, consumers will have greater peace of mind that their smart devices are protected from cyber criminals. We are committed to making the UK the safest place in the world to be online, and these new regulations mark a significant leap towards a more secure digital world.”
Recent statistics show that 99% of UK adults own at least one smart device, with an average of nine connected devices per household. Additionally, 57% of households have a smart TV, 53% own a voice assistant, and 49% have a smart watch or fitness wristband. However, the security of these devices has been called into question by Copper Horse, a company specializing in mobile phone software and security, who flagged products with webcams as “weak and insecure” and easily hackable.
These new laws aim to increase consumer confidence in the security of the products they use and purchase. They are part of the UK government’s £2.6bn National Cyber Strategy, which seeks to protect and promote the country’s online landscape.